projects / openwrt / staging / dedeckeh.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2bab7d2)
kernel: Activate CONFIG_SLAB_FREELIST_HARDENED
authorHauke Mehrtens <hauke@hauke-m.de>
Sat, 22 Apr 2023 13:07:36 +0000 (15:07 +0200)
committerHauke Mehrtens <hauke@hauke-m.de>
Sat, 29 Apr 2023 10:38:09 +0000 (12:38 +0200)
This activates some extra checks in SLAB or SLUB to make it harder to
execute kernel heap exploits. This adds a minor performance
degradation which I haven't measured-.

Many mainstream Linux distributions also activate this option.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
target/linux/generic/config-5.10 patch | blob | history
target/linux/generic/config-5.15 patch | blob | history

diff --git a/target/linux/generic/config-5.10 b/target/linux/generic/config-5.10
index 3358329848561c9e087e75ca2eedfd943817e20d..5b2aad99c3697cb301c3d0c7de93fedf502350b2 100644 (file)
--- a/target/linux/generic/config-5.10
+++ b/target/linux/generic/config-5.10
@@ -5463,7 +5463,7 @@ CONFIG_SIGNALFD=y
 # CONFIG_SKY2_DEBUG is not set
 # CONFIG_SLAB is not set
 CONFIG_SLABINFO=y
-# CONFIG_SLAB_FREELIST_HARDENED is not set
+CONFIG_SLAB_FREELIST_HARDENED=y
 # CONFIG_SLAB_FREELIST_RANDOM is not set
 CONFIG_SLAB_MERGE_DEFAULT=y
 # CONFIG_SLHC is not set
diff --git a/target/linux/generic/config-5.15 b/target/linux/generic/config-5.15
index 004688c4707d573c063bd916db973b0c12734f3c..eae1adb5dd8b0fca2b2875372775a960230fe5e7 100644 (file)
--- a/target/linux/generic/config-5.15
+++ b/target/linux/generic/config-5.15
@@ -5753,7 +5753,7 @@ CONFIG_SIGNALFD=y
 # CONFIG_SKY2_DEBUG is not set
 # CONFIG_SLAB is not set
 CONFIG_SLABINFO=y
-# CONFIG_SLAB_FREELIST_HARDENED is not set
+CONFIG_SLAB_FREELIST_HARDENED=y
 # CONFIG_SLAB_FREELIST_RANDOM is not set
 CONFIG_SLAB_MERGE_DEFAULT=y
 # CONFIG_SLHC is not set
Staging tree of dedeckeh